Outlook Email Authentication Bypass: Display Name Obfuscation
Original Source: GitLab Repository. The Vulnerability: The issue lies in the “display name” of an email’s “From” header in Outlook. It appears that this display name can be manipulated to…
Introduction: In a significant development in the cybersecurity landscape, the banking sector has recently been the target of two distinct open-source software (OSS) supply chain attacks. These attacks, detected by…
In the ever-evolving field of Cyber Threat Intelligence (CTI), understanding the motivations behind cyber-attacks is paramount for effective threat mitigation and response. While financial gain is often a primary driver,…
A recent operation against phishing SMS campaigns in the UK, shared via a tweet by Jake from JCyberSec_ (@JCyberSec_) and a LinkedIn post by the Dedicated Card and Payment Crime…
APT32, also known as OceanLotus Group, is a Vietnam-based threat group that has been active since at least 2014. This group is known for its sophisticated attacks on several private…
The UK Further and Higher Education sectors are increasingly becoming targets for cyber-attacks. These attacks range from opportunistic ransomware operations to more sophisticated Advanced Persistent Threat (APT) groups. This report…
Managed File Transfer (MFT) solutions are essential tools for businesses to securely transfer sensitive data. However, like any software, they can be vulnerable to exploits if not properly managed and…
Online and at conferences, people ask me how to get started in threat intel. What I usually offer as advice to budding analysts starting out is to practise analysing things…
APT30, also known as APT-C-30, is a China-based cyber espionage group that has been active since at least 2005. The group has targeted multiple industries, including the aerospace, government, defense,…
APT29, also known as Cozy Bear, is a Russian hacker group believed to be affiliated with one or more Russian intelligence agencies. The group has been operating for the Russian…